⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

Security news rarely moves in a straight line. This week, it feels more like a series of sharp turns, some happening quietly in the background, others playing out in public view. The details are different, but the pressure points are familiar. Across devices, cloud services, research labs, and ev...

📄 Dell RecoverPoint for Virtual Machines Shell Upload

This proof of concept leverage Tomcat manager credentials to upload and execute a malicious WAR file containing a JSP web shell on Dell RecoverPoint appliances...

CVE-2026-22769

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized...

Vulnerability fixed in Dell RecoverPoint for Virtual Machines

Dell has fixed a vulnerability in Dell RecoverPoint for Virtual Machines versions prior to 6.0.3.1 HF1. The vulnerability resides in hard-coded login credentials present in the software. This allows unauthenticated attackers on the same network to gain unauthorized access to the system. This coul...

Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group GTIG. The activity...

Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability

Dell RecoverPoint for Virtual Machines RP4VMs contains an use of hard-coded credentials vulnerability that could allow an unauthenticated remote attacker to gain unauthorized access to the underlying operating system and root-level persistence...

CVE-2026-22769

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized...

CVE-2026-22769

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized...

CVE-2026-22769

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized...

CVE-2026-22769

CVE-2026-22769 affects Dell RecoverPoint for Virtual Machines (RP4VMs) versions prior to 6.0.3.1 HF1, where a hard-coded credential vulnerability can allow an unauthenticated attacker to gain full control of the underlying OS with root-level persistence. A PoC circulating in PacketStorm demonstra...

CVE-2026-22769

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized...

CVE-2026-22769

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized...

PT-2026-20303

Name of the Vulnerable Software and Affected Versions Dell RecoverPoint for Virtual Machines versions prior to 6.0.3.1 HF1 Description Dell RecoverPoint for Virtual Machines contains a critical vulnerability CVE-2026-22769 due to hardcoded credentials. This allows unauthenticated remote attackers...

VulnCheck KEV: CVE-2026-22769

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized...

Dell RecoverPoint for Virtual Machines 信任管理问题漏洞

Dell RecoverPoint for Virtual Machines is a simple and efficient operating and disaster recovery solution provided by the American company Dell. It is suitable for virtualized applications in VMware environments. Versions of Dell RecoverPoint for Virtual Machines prior to 6.0.3.1.HF1 contained a...

EUVD-2024-43195

Malicious code in bioql PyPI...

EUVD-2024-26042

Malicious code in bioql PyPI...

EUVD-2024-37811

Malicious code in bioql PyPI...

Dell RecoverPoint for Virtual Machines Weak File System Permissions Vulnerability

Dell RecoverPoint for Virtual Machines is Dell's disaster recovery solution for VMware virtual environments, designed to simplify data protection and disaster recovery processes for virtual machines and ensure business continuity. Dell RecoverPoint for Virtual Machines is vulnerable to a weak fil...

Dell RecoverPoint for Virtual Machines Command Execution Vulnerability

Dell RecoverPoint for Virtual Machines is a simple, efficient operations and disaster recovery solution from Dell, Inc. A command execution vulnerability exists in Dell RecoverPoint for Virtual Machines. An attacker could use this vulnerability to modify the configuration and gain access to...